keycloak.Realm
Explore with Pulumi AI
Create Realm Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Realm(name: string, args: RealmArgs, opts?: CustomResourceOptions);
@overload
def Realm(resource_name: str,
args: RealmArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Realm(resource_name: str,
opts: Optional[ResourceOptions] = None,
realm: Optional[str] = None,
access_code_lifespan: Optional[str] = None,
access_code_lifespan_login: Optional[str] = None,
access_code_lifespan_user_action: Optional[str] = None,
access_token_lifespan: Optional[str] = None,
access_token_lifespan_for_implicit_flow: Optional[str] = None,
account_theme: Optional[str] = None,
action_token_generated_by_admin_lifespan: Optional[str] = None,
action_token_generated_by_user_lifespan: Optional[str] = None,
admin_theme: Optional[str] = None,
attributes: Optional[Mapping[str, str]] = None,
browser_flow: Optional[str] = None,
client_authentication_flow: Optional[str] = None,
client_session_idle_timeout: Optional[str] = None,
client_session_max_lifespan: Optional[str] = None,
default_default_client_scopes: Optional[Sequence[str]] = None,
default_optional_client_scopes: Optional[Sequence[str]] = None,
default_signature_algorithm: Optional[str] = None,
direct_grant_flow: Optional[str] = None,
display_name: Optional[str] = None,
display_name_html: Optional[str] = None,
docker_authentication_flow: Optional[str] = None,
duplicate_emails_allowed: Optional[bool] = None,
edit_username_allowed: Optional[bool] = None,
email_theme: Optional[str] = None,
enabled: Optional[bool] = None,
internal_id: Optional[str] = None,
internationalization: Optional[RealmInternationalizationArgs] = None,
login_theme: Optional[str] = None,
login_with_email_allowed: Optional[bool] = None,
oauth2_device_code_lifespan: Optional[str] = None,
oauth2_device_polling_interval: Optional[int] = None,
offline_session_idle_timeout: Optional[str] = None,
offline_session_max_lifespan: Optional[str] = None,
offline_session_max_lifespan_enabled: Optional[bool] = None,
otp_policy: Optional[RealmOtpPolicyArgs] = None,
password_policy: Optional[str] = None,
refresh_token_max_reuse: Optional[int] = None,
registration_allowed: Optional[bool] = None,
registration_email_as_username: Optional[bool] = None,
registration_flow: Optional[str] = None,
remember_me: Optional[bool] = None,
reset_credentials_flow: Optional[str] = None,
reset_password_allowed: Optional[bool] = None,
revoke_refresh_token: Optional[bool] = None,
security_defenses: Optional[RealmSecurityDefensesArgs] = None,
smtp_server: Optional[RealmSmtpServerArgs] = None,
ssl_required: Optional[str] = None,
sso_session_idle_timeout: Optional[str] = None,
sso_session_idle_timeout_remember_me: Optional[str] = None,
sso_session_max_lifespan: Optional[str] = None,
sso_session_max_lifespan_remember_me: Optional[str] = None,
user_managed_access: Optional[bool] = None,
verify_email: Optional[bool] = None,
web_authn_passwordless_policy: Optional[RealmWebAuthnPasswordlessPolicyArgs] = None,
web_authn_policy: Optional[RealmWebAuthnPolicyArgs] = None)
func NewRealm(ctx *Context, name string, args RealmArgs, opts ...ResourceOption) (*Realm, error)
public Realm(string name, RealmArgs args, CustomResourceOptions? opts = null)
type: keycloak:Realm
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RealmArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RealmArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RealmArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RealmArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RealmArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var realmResource = new Keycloak.Realm("realmResource", new()
{
RealmName = "string",
AccessCodeLifespan = "string",
AccessCodeLifespanLogin = "string",
AccessCodeLifespanUserAction = "string",
AccessTokenLifespan = "string",
AccessTokenLifespanForImplicitFlow = "string",
AccountTheme = "string",
ActionTokenGeneratedByAdminLifespan = "string",
ActionTokenGeneratedByUserLifespan = "string",
AdminTheme = "string",
Attributes =
{
{ "string", "string" },
},
BrowserFlow = "string",
ClientAuthenticationFlow = "string",
ClientSessionIdleTimeout = "string",
ClientSessionMaxLifespan = "string",
DefaultDefaultClientScopes = new[]
{
"string",
},
DefaultOptionalClientScopes = new[]
{
"string",
},
DefaultSignatureAlgorithm = "string",
DirectGrantFlow = "string",
DisplayName = "string",
DisplayNameHtml = "string",
DockerAuthenticationFlow = "string",
DuplicateEmailsAllowed = false,
EditUsernameAllowed = false,
EmailTheme = "string",
Enabled = false,
InternalId = "string",
Internationalization = new Keycloak.Inputs.RealmInternationalizationArgs
{
DefaultLocale = "string",
SupportedLocales = new[]
{
"string",
},
},
LoginTheme = "string",
LoginWithEmailAllowed = false,
Oauth2DeviceCodeLifespan = "string",
Oauth2DevicePollingInterval = 0,
OfflineSessionIdleTimeout = "string",
OfflineSessionMaxLifespan = "string",
OfflineSessionMaxLifespanEnabled = false,
OtpPolicy = new Keycloak.Inputs.RealmOtpPolicyArgs
{
Algorithm = "string",
Digits = 0,
InitialCounter = 0,
LookAheadWindow = 0,
Period = 0,
Type = "string",
},
PasswordPolicy = "string",
RefreshTokenMaxReuse = 0,
RegistrationAllowed = false,
RegistrationEmailAsUsername = false,
RegistrationFlow = "string",
RememberMe = false,
ResetCredentialsFlow = "string",
ResetPasswordAllowed = false,
RevokeRefreshToken = false,
SecurityDefenses = new Keycloak.Inputs.RealmSecurityDefensesArgs
{
BruteForceDetection = new Keycloak.Inputs.RealmSecurityDefensesBruteForceDetectionArgs
{
FailureResetTimeSeconds = 0,
MaxFailureWaitSeconds = 0,
MaxLoginFailures = 0,
MinimumQuickLoginWaitSeconds = 0,
PermanentLockout = false,
QuickLoginCheckMilliSeconds = 0,
WaitIncrementSeconds = 0,
},
Headers = new Keycloak.Inputs.RealmSecurityDefensesHeadersArgs
{
ContentSecurityPolicy = "string",
ContentSecurityPolicyReportOnly = "string",
ReferrerPolicy = "string",
StrictTransportSecurity = "string",
XContentTypeOptions = "string",
XFrameOptions = "string",
XRobotsTag = "string",
XXssProtection = "string",
},
},
SmtpServer = new Keycloak.Inputs.RealmSmtpServerArgs
{
From = "string",
Host = "string",
Auth = new Keycloak.Inputs.RealmSmtpServerAuthArgs
{
Password = "string",
Username = "string",
},
EnvelopeFrom = "string",
FromDisplayName = "string",
Port = "string",
ReplyTo = "string",
ReplyToDisplayName = "string",
Ssl = false,
Starttls = false,
},
SslRequired = "string",
SsoSessionIdleTimeout = "string",
SsoSessionIdleTimeoutRememberMe = "string",
SsoSessionMaxLifespan = "string",
SsoSessionMaxLifespanRememberMe = "string",
UserManagedAccess = false,
VerifyEmail = false,
WebAuthnPasswordlessPolicy = new Keycloak.Inputs.RealmWebAuthnPasswordlessPolicyArgs
{
AcceptableAaguids = new[]
{
"string",
},
AttestationConveyancePreference = "string",
AuthenticatorAttachment = "string",
AvoidSameAuthenticatorRegister = false,
CreateTimeout = 0,
RelyingPartyEntityName = "string",
RelyingPartyId = "string",
RequireResidentKey = "string",
SignatureAlgorithms = new[]
{
"string",
},
UserVerificationRequirement = "string",
},
WebAuthnPolicy = new Keycloak.Inputs.RealmWebAuthnPolicyArgs
{
AcceptableAaguids = new[]
{
"string",
},
AttestationConveyancePreference = "string",
AuthenticatorAttachment = "string",
AvoidSameAuthenticatorRegister = false,
CreateTimeout = 0,
RelyingPartyEntityName = "string",
RelyingPartyId = "string",
RequireResidentKey = "string",
SignatureAlgorithms = new[]
{
"string",
},
UserVerificationRequirement = "string",
},
});
example, err := keycloak.NewRealm(ctx, "realmResource", &keycloak.RealmArgs{
Realm: pulumi.String("string"),
AccessCodeLifespan: pulumi.String("string"),
AccessCodeLifespanLogin: pulumi.String("string"),
AccessCodeLifespanUserAction: pulumi.String("string"),
AccessTokenLifespan: pulumi.String("string"),
AccessTokenLifespanForImplicitFlow: pulumi.String("string"),
AccountTheme: pulumi.String("string"),
ActionTokenGeneratedByAdminLifespan: pulumi.String("string"),
ActionTokenGeneratedByUserLifespan: pulumi.String("string"),
AdminTheme: pulumi.String("string"),
Attributes: pulumi.StringMap{
"string": pulumi.String("string"),
},
BrowserFlow: pulumi.String("string"),
ClientAuthenticationFlow: pulumi.String("string"),
ClientSessionIdleTimeout: pulumi.String("string"),
ClientSessionMaxLifespan: pulumi.String("string"),
DefaultDefaultClientScopes: pulumi.StringArray{
pulumi.String("string"),
},
DefaultOptionalClientScopes: pulumi.StringArray{
pulumi.String("string"),
},
DefaultSignatureAlgorithm: pulumi.String("string"),
DirectGrantFlow: pulumi.String("string"),
DisplayName: pulumi.String("string"),
DisplayNameHtml: pulumi.String("string"),
DockerAuthenticationFlow: pulumi.String("string"),
DuplicateEmailsAllowed: pulumi.Bool(false),
EditUsernameAllowed: pulumi.Bool(false),
EmailTheme: pulumi.String("string"),
Enabled: pulumi.Bool(false),
InternalId: pulumi.String("string"),
Internationalization: &keycloak.RealmInternationalizationArgs{
DefaultLocale: pulumi.String("string"),
SupportedLocales: pulumi.StringArray{
pulumi.String("string"),
},
},
LoginTheme: pulumi.String("string"),
LoginWithEmailAllowed: pulumi.Bool(false),
Oauth2DeviceCodeLifespan: pulumi.String("string"),
Oauth2DevicePollingInterval: pulumi.Int(0),
OfflineSessionIdleTimeout: pulumi.String("string"),
OfflineSessionMaxLifespan: pulumi.String("string"),
OfflineSessionMaxLifespanEnabled: pulumi.Bool(false),
OtpPolicy: &keycloak.RealmOtpPolicyArgs{
Algorithm: pulumi.String("string"),
Digits: pulumi.Int(0),
InitialCounter: pulumi.Int(0),
LookAheadWindow: pulumi.Int(0),
Period: pulumi.Int(0),
Type: pulumi.String("string"),
},
PasswordPolicy: pulumi.String("string"),
RefreshTokenMaxReuse: pulumi.Int(0),
RegistrationAllowed: pulumi.Bool(false),
RegistrationEmailAsUsername: pulumi.Bool(false),
RegistrationFlow: pulumi.String("string"),
RememberMe: pulumi.Bool(false),
ResetCredentialsFlow: pulumi.String("string"),
ResetPasswordAllowed: pulumi.Bool(false),
RevokeRefreshToken: pulumi.Bool(false),
SecurityDefenses: &keycloak.RealmSecurityDefensesArgs{
BruteForceDetection: &keycloak.RealmSecurityDefensesBruteForceDetectionArgs{
FailureResetTimeSeconds: pulumi.Int(0),
MaxFailureWaitSeconds: pulumi.Int(0),
MaxLoginFailures: pulumi.Int(0),
MinimumQuickLoginWaitSeconds: pulumi.Int(0),
PermanentLockout: pulumi.Bool(false),
QuickLoginCheckMilliSeconds: pulumi.Int(0),
WaitIncrementSeconds: pulumi.Int(0),
},
Headers: &keycloak.RealmSecurityDefensesHeadersArgs{
ContentSecurityPolicy: pulumi.String("string"),
ContentSecurityPolicyReportOnly: pulumi.String("string"),
ReferrerPolicy: pulumi.String("string"),
StrictTransportSecurity: pulumi.String("string"),
XContentTypeOptions: pulumi.String("string"),
XFrameOptions: pulumi.String("string"),
XRobotsTag: pulumi.String("string"),
XXssProtection: pulumi.String("string"),
},
},
SmtpServer: &keycloak.RealmSmtpServerArgs{
From: pulumi.String("string"),
Host: pulumi.String("string"),
Auth: &keycloak.RealmSmtpServerAuthArgs{
Password: pulumi.String("string"),
Username: pulumi.String("string"),
},
EnvelopeFrom: pulumi.String("string"),
FromDisplayName: pulumi.String("string"),
Port: pulumi.String("string"),
ReplyTo: pulumi.String("string"),
ReplyToDisplayName: pulumi.String("string"),
Ssl: pulumi.Bool(false),
Starttls: pulumi.Bool(false),
},
SslRequired: pulumi.String("string"),
SsoSessionIdleTimeout: pulumi.String("string"),
SsoSessionIdleTimeoutRememberMe: pulumi.String("string"),
SsoSessionMaxLifespan: pulumi.String("string"),
SsoSessionMaxLifespanRememberMe: pulumi.String("string"),
UserManagedAccess: pulumi.Bool(false),
VerifyEmail: pulumi.Bool(false),
WebAuthnPasswordlessPolicy: &keycloak.RealmWebAuthnPasswordlessPolicyArgs{
AcceptableAaguids: pulumi.StringArray{
pulumi.String("string"),
},
AttestationConveyancePreference: pulumi.String("string"),
AuthenticatorAttachment: pulumi.String("string"),
AvoidSameAuthenticatorRegister: pulumi.Bool(false),
CreateTimeout: pulumi.Int(0),
RelyingPartyEntityName: pulumi.String("string"),
RelyingPartyId: pulumi.String("string"),
RequireResidentKey: pulumi.String("string"),
SignatureAlgorithms: pulumi.StringArray{
pulumi.String("string"),
},
UserVerificationRequirement: pulumi.String("string"),
},
WebAuthnPolicy: &keycloak.RealmWebAuthnPolicyArgs{
AcceptableAaguids: pulumi.StringArray{
pulumi.String("string"),
},
AttestationConveyancePreference: pulumi.String("string"),
AuthenticatorAttachment: pulumi.String("string"),
AvoidSameAuthenticatorRegister: pulumi.Bool(false),
CreateTimeout: pulumi.Int(0),
RelyingPartyEntityName: pulumi.String("string"),
RelyingPartyId: pulumi.String("string"),
RequireResidentKey: pulumi.String("string"),
SignatureAlgorithms: pulumi.StringArray{
pulumi.String("string"),
},
UserVerificationRequirement: pulumi.String("string"),
},
})
var realmResource = new Realm("realmResource", RealmArgs.builder()
.realm("string")
.accessCodeLifespan("string")
.accessCodeLifespanLogin("string")
.accessCodeLifespanUserAction("string")
.accessTokenLifespan("string")
.accessTokenLifespanForImplicitFlow("string")
.accountTheme("string")
.actionTokenGeneratedByAdminLifespan("string")
.actionTokenGeneratedByUserLifespan("string")
.adminTheme("string")
.attributes(Map.of("string", "string"))
.browserFlow("string")
.clientAuthenticationFlow("string")
.clientSessionIdleTimeout("string")
.clientSessionMaxLifespan("string")
.defaultDefaultClientScopes("string")
.defaultOptionalClientScopes("string")
.defaultSignatureAlgorithm("string")
.directGrantFlow("string")
.displayName("string")
.displayNameHtml("string")
.dockerAuthenticationFlow("string")
.duplicateEmailsAllowed(false)
.editUsernameAllowed(false)
.emailTheme("string")
.enabled(false)
.internalId("string")
.internationalization(RealmInternationalizationArgs.builder()
.defaultLocale("string")
.supportedLocales("string")
.build())
.loginTheme("string")
.loginWithEmailAllowed(false)
.oauth2DeviceCodeLifespan("string")
.oauth2DevicePollingInterval(0)
.offlineSessionIdleTimeout("string")
.offlineSessionMaxLifespan("string")
.offlineSessionMaxLifespanEnabled(false)
.otpPolicy(RealmOtpPolicyArgs.builder()
.algorithm("string")
.digits(0)
.initialCounter(0)
.lookAheadWindow(0)
.period(0)
.type("string")
.build())
.passwordPolicy("string")
.refreshTokenMaxReuse(0)
.registrationAllowed(false)
.registrationEmailAsUsername(false)
.registrationFlow("string")
.rememberMe(false)
.resetCredentialsFlow("string")
.resetPasswordAllowed(false)
.revokeRefreshToken(false)
.securityDefenses(RealmSecurityDefensesArgs.builder()
.bruteForceDetection(RealmSecurityDefensesBruteForceDetectionArgs.builder()
.failureResetTimeSeconds(0)
.maxFailureWaitSeconds(0)
.maxLoginFailures(0)
.minimumQuickLoginWaitSeconds(0)
.permanentLockout(false)
.quickLoginCheckMilliSeconds(0)
.waitIncrementSeconds(0)
.build())
.headers(RealmSecurityDefensesHeadersArgs.builder()
.contentSecurityPolicy("string")
.contentSecurityPolicyReportOnly("string")
.referrerPolicy("string")
.strictTransportSecurity("string")
.xContentTypeOptions("string")
.xFrameOptions("string")
.xRobotsTag("string")
.xXssProtection("string")
.build())
.build())
.smtpServer(RealmSmtpServerArgs.builder()
.from("string")
.host("string")
.auth(RealmSmtpServerAuthArgs.builder()
.password("string")
.username("string")
.build())
.envelopeFrom("string")
.fromDisplayName("string")
.port("string")
.replyTo("string")
.replyToDisplayName("string")
.ssl(false)
.starttls(false)
.build())
.sslRequired("string")
.ssoSessionIdleTimeout("string")
.ssoSessionIdleTimeoutRememberMe("string")
.ssoSessionMaxLifespan("string")
.ssoSessionMaxLifespanRememberMe("string")
.userManagedAccess(false)
.verifyEmail(false)
.webAuthnPasswordlessPolicy(RealmWebAuthnPasswordlessPolicyArgs.builder()
.acceptableAaguids("string")
.attestationConveyancePreference("string")
.authenticatorAttachment("string")
.avoidSameAuthenticatorRegister(false)
.createTimeout(0)
.relyingPartyEntityName("string")
.relyingPartyId("string")
.requireResidentKey("string")
.signatureAlgorithms("string")
.userVerificationRequirement("string")
.build())
.webAuthnPolicy(RealmWebAuthnPolicyArgs.builder()
.acceptableAaguids("string")
.attestationConveyancePreference("string")
.authenticatorAttachment("string")
.avoidSameAuthenticatorRegister(false)
.createTimeout(0)
.relyingPartyEntityName("string")
.relyingPartyId("string")
.requireResidentKey("string")
.signatureAlgorithms("string")
.userVerificationRequirement("string")
.build())
.build());
realm_resource = keycloak.Realm("realmResource",
realm="string",
access_code_lifespan="string",
access_code_lifespan_login="string",
access_code_lifespan_user_action="string",
access_token_lifespan="string",
access_token_lifespan_for_implicit_flow="string",
account_theme="string",
action_token_generated_by_admin_lifespan="string",
action_token_generated_by_user_lifespan="string",
admin_theme="string",
attributes={
"string": "string",
},
browser_flow="string",
client_authentication_flow="string",
client_session_idle_timeout="string",
client_session_max_lifespan="string",
default_default_client_scopes=["string"],
default_optional_client_scopes=["string"],
default_signature_algorithm="string",
direct_grant_flow="string",
display_name="string",
display_name_html="string",
docker_authentication_flow="string",
duplicate_emails_allowed=False,
edit_username_allowed=False,
email_theme="string",
enabled=False,
internal_id="string",
internationalization={
"default_locale": "string",
"supported_locales": ["string"],
},
login_theme="string",
login_with_email_allowed=False,
oauth2_device_code_lifespan="string",
oauth2_device_polling_interval=0,
offline_session_idle_timeout="string",
offline_session_max_lifespan="string",
offline_session_max_lifespan_enabled=False,
otp_policy={
"algorithm": "string",
"digits": 0,
"initial_counter": 0,
"look_ahead_window": 0,
"period": 0,
"type": "string",
},
password_policy="string",
refresh_token_max_reuse=0,
registration_allowed=False,
registration_email_as_username=False,
registration_flow="string",
remember_me=False,
reset_credentials_flow="string",
reset_password_allowed=False,
revoke_refresh_token=False,
security_defenses={
"brute_force_detection": {
"failure_reset_time_seconds": 0,
"max_failure_wait_seconds": 0,
"max_login_failures": 0,
"minimum_quick_login_wait_seconds": 0,
"permanent_lockout": False,
"quick_login_check_milli_seconds": 0,
"wait_increment_seconds": 0,
},
"headers": {
"content_security_policy": "string",
"content_security_policy_report_only": "string",
"referrer_policy": "string",
"strict_transport_security": "string",
"x_content_type_options": "string",
"x_frame_options": "string",
"x_robots_tag": "string",
"x_xss_protection": "string",
},
},
smtp_server={
"from_": "string",
"host": "string",
"auth": {
"password": "string",
"username": "string",
},
"envelope_from": "string",
"from_display_name": "string",
"port": "string",
"reply_to": "string",
"reply_to_display_name": "string",
"ssl": False,
"starttls": False,
},
ssl_required="string",
sso_session_idle_timeout="string",
sso_session_idle_timeout_remember_me="string",
sso_session_max_lifespan="string",
sso_session_max_lifespan_remember_me="string",
user_managed_access=False,
verify_email=False,
web_authn_passwordless_policy={
"acceptable_aaguids": ["string"],
"attestation_conveyance_preference": "string",
"authenticator_attachment": "string",
"avoid_same_authenticator_register": False,
"create_timeout": 0,
"relying_party_entity_name": "string",
"relying_party_id": "string",
"require_resident_key": "string",
"signature_algorithms": ["string"],
"user_verification_requirement": "string",
},
web_authn_policy={
"acceptable_aaguids": ["string"],
"attestation_conveyance_preference": "string",
"authenticator_attachment": "string",
"avoid_same_authenticator_register": False,
"create_timeout": 0,
"relying_party_entity_name": "string",
"relying_party_id": "string",
"require_resident_key": "string",
"signature_algorithms": ["string"],
"user_verification_requirement": "string",
})
const realmResource = new keycloak.Realm("realmResource", {
realm: "string",
accessCodeLifespan: "string",
accessCodeLifespanLogin: "string",
accessCodeLifespanUserAction: "string",
accessTokenLifespan: "string",
accessTokenLifespanForImplicitFlow: "string",
accountTheme: "string",
actionTokenGeneratedByAdminLifespan: "string",
actionTokenGeneratedByUserLifespan: "string",
adminTheme: "string",
attributes: {
string: "string",
},
browserFlow: "string",
clientAuthenticationFlow: "string",
clientSessionIdleTimeout: "string",
clientSessionMaxLifespan: "string",
defaultDefaultClientScopes: ["string"],
defaultOptionalClientScopes: ["string"],
defaultSignatureAlgorithm: "string",
directGrantFlow: "string",
displayName: "string",
displayNameHtml: "string",
dockerAuthenticationFlow: "string",
duplicateEmailsAllowed: false,
editUsernameAllowed: false,
emailTheme: "string",
enabled: false,
internalId: "string",
internationalization: {
defaultLocale: "string",
supportedLocales: ["string"],
},
loginTheme: "string",
loginWithEmailAllowed: false,
oauth2DeviceCodeLifespan: "string",
oauth2DevicePollingInterval: 0,
offlineSessionIdleTimeout: "string",
offlineSessionMaxLifespan: "string",
offlineSessionMaxLifespanEnabled: false,
otpPolicy: {
algorithm: "string",
digits: 0,
initialCounter: 0,
lookAheadWindow: 0,
period: 0,
type: "string",
},
passwordPolicy: "string",
refreshTokenMaxReuse: 0,
registrationAllowed: false,
registrationEmailAsUsername: false,
registrationFlow: "string",
rememberMe: false,
resetCredentialsFlow: "string",
resetPasswordAllowed: false,
revokeRefreshToken: false,
securityDefenses: {
bruteForceDetection: {
failureResetTimeSeconds: 0,
maxFailureWaitSeconds: 0,
maxLoginFailures: 0,
minimumQuickLoginWaitSeconds: 0,
permanentLockout: false,
quickLoginCheckMilliSeconds: 0,
waitIncrementSeconds: 0,
},
headers: {
contentSecurityPolicy: "string",
contentSecurityPolicyReportOnly: "string",
referrerPolicy: "string",
strictTransportSecurity: "string",
xContentTypeOptions: "string",
xFrameOptions: "string",
xRobotsTag: "string",
xXssProtection: "string",
},
},
smtpServer: {
from: "string",
host: "string",
auth: {
password: "string",
username: "string",
},
envelopeFrom: "string",
fromDisplayName: "string",
port: "string",
replyTo: "string",
replyToDisplayName: "string",
ssl: false,
starttls: false,
},
sslRequired: "string",
ssoSessionIdleTimeout: "string",
ssoSessionIdleTimeoutRememberMe: "string",
ssoSessionMaxLifespan: "string",
ssoSessionMaxLifespanRememberMe: "string",
userManagedAccess: false,
verifyEmail: false,
webAuthnPasswordlessPolicy: {
acceptableAaguids: ["string"],
attestationConveyancePreference: "string",
authenticatorAttachment: "string",
avoidSameAuthenticatorRegister: false,
createTimeout: 0,
relyingPartyEntityName: "string",
relyingPartyId: "string",
requireResidentKey: "string",
signatureAlgorithms: ["string"],
userVerificationRequirement: "string",
},
webAuthnPolicy: {
acceptableAaguids: ["string"],
attestationConveyancePreference: "string",
authenticatorAttachment: "string",
avoidSameAuthenticatorRegister: false,
createTimeout: 0,
relyingPartyEntityName: "string",
relyingPartyId: "string",
requireResidentKey: "string",
signatureAlgorithms: ["string"],
userVerificationRequirement: "string",
},
});
type: keycloak:Realm
properties:
accessCodeLifespan: string
accessCodeLifespanLogin: string
accessCodeLifespanUserAction: string
accessTokenLifespan: string
accessTokenLifespanForImplicitFlow: string
accountTheme: string
actionTokenGeneratedByAdminLifespan: string
actionTokenGeneratedByUserLifespan: string
adminTheme: string
attributes:
string: string
browserFlow: string
clientAuthenticationFlow: string
clientSessionIdleTimeout: string
clientSessionMaxLifespan: string
defaultDefaultClientScopes:
- string
defaultOptionalClientScopes:
- string
defaultSignatureAlgorithm: string
directGrantFlow: string
displayName: string
displayNameHtml: string
dockerAuthenticationFlow: string
duplicateEmailsAllowed: false
editUsernameAllowed: false
emailTheme: string
enabled: false
internalId: string
internationalization:
defaultLocale: string
supportedLocales:
- string
loginTheme: string
loginWithEmailAllowed: false
oauth2DeviceCodeLifespan: string
oauth2DevicePollingInterval: 0
offlineSessionIdleTimeout: string
offlineSessionMaxLifespan: string
offlineSessionMaxLifespanEnabled: false
otpPolicy:
algorithm: string
digits: 0
initialCounter: 0
lookAheadWindow: 0
period: 0
type: string
passwordPolicy: string
realm: string
refreshTokenMaxReuse: 0
registrationAllowed: false
registrationEmailAsUsername: false
registrationFlow: string
rememberMe: false
resetCredentialsFlow: string
resetPasswordAllowed: false
revokeRefreshToken: false
securityDefenses:
bruteForceDetection:
failureResetTimeSeconds: 0
maxFailureWaitSeconds: 0
maxLoginFailures: 0
minimumQuickLoginWaitSeconds: 0
permanentLockout: false
quickLoginCheckMilliSeconds: 0
waitIncrementSeconds: 0
headers:
contentSecurityPolicy: string
contentSecurityPolicyReportOnly: string
referrerPolicy: string
strictTransportSecurity: string
xContentTypeOptions: string
xFrameOptions: string
xRobotsTag: string
xXssProtection: string
smtpServer:
auth:
password: string
username: string
envelopeFrom: string
from: string
fromDisplayName: string
host: string
port: string
replyTo: string
replyToDisplayName: string
ssl: false
starttls: false
sslRequired: string
ssoSessionIdleTimeout: string
ssoSessionIdleTimeoutRememberMe: string
ssoSessionMaxLifespan: string
ssoSessionMaxLifespanRememberMe: string
userManagedAccess: false
verifyEmail: false
webAuthnPasswordlessPolicy:
acceptableAaguids:
- string
attestationConveyancePreference: string
authenticatorAttachment: string
avoidSameAuthenticatorRegister: false
createTimeout: 0
relyingPartyEntityName: string
relyingPartyId: string
requireResidentKey: string
signatureAlgorithms:
- string
userVerificationRequirement: string
webAuthnPolicy:
acceptableAaguids:
- string
attestationConveyancePreference: string
authenticatorAttachment: string
avoidSameAuthenticatorRegister: false
createTimeout: 0
relyingPartyEntityName: string
relyingPartyId: string
requireResidentKey: string
signatureAlgorithms:
- string
userVerificationRequirement: string
Realm Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Realm resource accepts the following input properties:
- Realm
Name string - Access
Code stringLifespan - Access
Code stringLifespan Login - Access
Code stringLifespan User Action - Access
Token stringLifespan - Access
Token stringLifespan For Implicit Flow - Account
Theme string - Action
Token stringGenerated By Admin Lifespan - Action
Token stringGenerated By User Lifespan - Admin
Theme string - Attributes Dictionary<string, string>
- Browser
Flow string - Which flow should be used for BrowserFlow
- Client
Authentication stringFlow - Which flow should be used for ClientAuthenticationFlow
- Client
Session stringIdle Timeout - Client
Session stringMax Lifespan - Default
Default List<string>Client Scopes - Default
Optional List<string>Client Scopes - Default
Signature stringAlgorithm - Direct
Grant stringFlow - Which flow should be used for DirectGrantFlow
- Display
Name string - Display
Name stringHtml - Docker
Authentication stringFlow - Which flow should be used for DockerAuthenticationFlow
- Duplicate
Emails boolAllowed - Edit
Username boolAllowed - Email
Theme string - Enabled bool
- Internal
Id string - Internationalization
Realm
Internationalization - Login
Theme string - Login
With boolEmail Allowed - Oauth2Device
Code stringLifespan - Oauth2Device
Polling intInterval - Offline
Session stringIdle Timeout - Offline
Session stringMax Lifespan - Offline
Session boolMax Lifespan Enabled - Otp
Policy RealmOtp Policy - Password
Policy string - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- Refresh
Token intMax Reuse - Registration
Allowed bool - Registration
Email boolAs Username - Registration
Flow string - Which flow should be used for RegistrationFlow
- Remember
Me bool - Reset
Credentials stringFlow - Which flow should be used for ResetCredentialsFlow
- Reset
Password boolAllowed - Revoke
Refresh boolToken - Security
Defenses RealmSecurity Defenses - Smtp
Server RealmSmtp Server - Ssl
Required string - SSL Required: Values can be 'none', 'external' or 'all'.
- Sso
Session stringIdle Timeout - Sso
Session stringIdle Timeout Remember Me - Sso
Session stringMax Lifespan - Sso
Session stringMax Lifespan Remember Me - User
Managed boolAccess - Verify
Email bool - Web
Authn RealmPasswordless Policy Web Authn Passwordless Policy - Web
Authn RealmPolicy Web Authn Policy
- Realm string
- Access
Code stringLifespan - Access
Code stringLifespan Login - Access
Code stringLifespan User Action - Access
Token stringLifespan - Access
Token stringLifespan For Implicit Flow - Account
Theme string - Action
Token stringGenerated By Admin Lifespan - Action
Token stringGenerated By User Lifespan - Admin
Theme string - Attributes map[string]string
- Browser
Flow string - Which flow should be used for BrowserFlow
- Client
Authentication stringFlow - Which flow should be used for ClientAuthenticationFlow
- Client
Session stringIdle Timeout - Client
Session stringMax Lifespan - Default
Default []stringClient Scopes - Default
Optional []stringClient Scopes - Default
Signature stringAlgorithm - Direct
Grant stringFlow - Which flow should be used for DirectGrantFlow
- Display
Name string - Display
Name stringHtml - Docker
Authentication stringFlow - Which flow should be used for DockerAuthenticationFlow
- Duplicate
Emails boolAllowed - Edit
Username boolAllowed - Email
Theme string - Enabled bool
- Internal
Id string - Internationalization
Realm
Internationalization Args - Login
Theme string - Login
With boolEmail Allowed - Oauth2Device
Code stringLifespan - Oauth2Device
Polling intInterval - Offline
Session stringIdle Timeout - Offline
Session stringMax Lifespan - Offline
Session boolMax Lifespan Enabled - Otp
Policy RealmOtp Policy Args - Password
Policy string - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- Refresh
Token intMax Reuse - Registration
Allowed bool - Registration
Email boolAs Username - Registration
Flow string - Which flow should be used for RegistrationFlow
- Remember
Me bool - Reset
Credentials stringFlow - Which flow should be used for ResetCredentialsFlow
- Reset
Password boolAllowed - Revoke
Refresh boolToken - Security
Defenses RealmSecurity Defenses Args - Smtp
Server RealmSmtp Server Args - Ssl
Required string - SSL Required: Values can be 'none', 'external' or 'all'.
- Sso
Session stringIdle Timeout - Sso
Session stringIdle Timeout Remember Me - Sso
Session stringMax Lifespan - Sso
Session stringMax Lifespan Remember Me - User
Managed boolAccess - Verify
Email bool - Web
Authn RealmPasswordless Policy Web Authn Passwordless Policy Args - Web
Authn RealmPolicy Web Authn Policy Args
- realm String
- access
Code StringLifespan - access
Code StringLifespan Login - access
Code StringLifespan User Action - access
Token StringLifespan - access
Token StringLifespan For Implicit Flow - account
Theme String - action
Token StringGenerated By Admin Lifespan - action
Token StringGenerated By User Lifespan - admin
Theme String - attributes Map<String,String>
- browser
Flow String - Which flow should be used for BrowserFlow
- client
Authentication StringFlow - Which flow should be used for ClientAuthenticationFlow
- client
Session StringIdle Timeout - client
Session StringMax Lifespan - default
Default List<String>Client Scopes - default
Optional List<String>Client Scopes - default
Signature StringAlgorithm - direct
Grant StringFlow - Which flow should be used for DirectGrantFlow
- display
Name String - display
Name StringHtml - docker
Authentication StringFlow - Which flow should be used for DockerAuthenticationFlow
- duplicate
Emails BooleanAllowed - edit
Username BooleanAllowed - email
Theme String - enabled Boolean
- internal
Id String - internationalization
Realm
Internationalization - login
Theme String - login
With BooleanEmail Allowed - oauth2Device
Code StringLifespan - oauth2Device
Polling IntegerInterval - offline
Session StringIdle Timeout - offline
Session StringMax Lifespan - offline
Session BooleanMax Lifespan Enabled - otp
Policy RealmOtp Policy - password
Policy String - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- refresh
Token IntegerMax Reuse - registration
Allowed Boolean - registration
Email BooleanAs Username - registration
Flow String - Which flow should be used for RegistrationFlow
- remember
Me Boolean - reset
Credentials StringFlow - Which flow should be used for ResetCredentialsFlow
- reset
Password BooleanAllowed - revoke
Refresh BooleanToken - security
Defenses RealmSecurity Defenses - smtp
Server RealmSmtp Server - ssl
Required String - SSL Required: Values can be 'none', 'external' or 'all'.
- sso
Session StringIdle Timeout - sso
Session StringIdle Timeout Remember Me - sso
Session StringMax Lifespan - sso
Session StringMax Lifespan Remember Me - user
Managed BooleanAccess - verify
Email Boolean - web
Authn RealmPasswordless Policy Web Authn Passwordless Policy - web
Authn RealmPolicy Web Authn Policy
- realm string
- access
Code stringLifespan - access
Code stringLifespan Login - access
Code stringLifespan User Action - access
Token stringLifespan - access
Token stringLifespan For Implicit Flow - account
Theme string - action
Token stringGenerated By Admin Lifespan - action
Token stringGenerated By User Lifespan - admin
Theme string - attributes {[key: string]: string}
- browser
Flow string - Which flow should be used for BrowserFlow
- client
Authentication stringFlow - Which flow should be used for ClientAuthenticationFlow
- client
Session stringIdle Timeout - client
Session stringMax Lifespan - default
Default string[]Client Scopes - default
Optional string[]Client Scopes - default
Signature stringAlgorithm - direct
Grant stringFlow - Which flow should be used for DirectGrantFlow
- display
Name string - display
Name stringHtml - docker
Authentication stringFlow - Which flow should be used for DockerAuthenticationFlow
- duplicate
Emails booleanAllowed - edit
Username booleanAllowed - email
Theme string - enabled boolean
- internal
Id string - internationalization
Realm
Internationalization - login
Theme string - login
With booleanEmail Allowed - oauth2Device
Code stringLifespan - oauth2Device
Polling numberInterval - offline
Session stringIdle Timeout - offline
Session stringMax Lifespan - offline
Session booleanMax Lifespan Enabled - otp
Policy RealmOtp Policy - password
Policy string - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- refresh
Token numberMax Reuse - registration
Allowed boolean - registration
Email booleanAs Username - registration
Flow string - Which flow should be used for RegistrationFlow
- remember
Me boolean - reset
Credentials stringFlow - Which flow should be used for ResetCredentialsFlow
- reset
Password booleanAllowed - revoke
Refresh booleanToken - security
Defenses RealmSecurity Defenses - smtp
Server RealmSmtp Server - ssl
Required string - SSL Required: Values can be 'none', 'external' or 'all'.
- sso
Session stringIdle Timeout - sso
Session stringIdle Timeout Remember Me - sso
Session stringMax Lifespan - sso
Session stringMax Lifespan Remember Me - user
Managed booleanAccess - verify
Email boolean - web
Authn RealmPasswordless Policy Web Authn Passwordless Policy - web
Authn RealmPolicy Web Authn Policy
- realm str
- access_
code_ strlifespan - access_
code_ strlifespan_ login - access_
code_ strlifespan_ user_ action - access_
token_ strlifespan - access_
token_ strlifespan_ for_ implicit_ flow - account_
theme str - action_
token_ strgenerated_ by_ admin_ lifespan - action_
token_ strgenerated_ by_ user_ lifespan - admin_
theme str - attributes Mapping[str, str]
- browser_
flow str - Which flow should be used for BrowserFlow
- client_
authentication_ strflow - Which flow should be used for ClientAuthenticationFlow
- client_
session_ stridle_ timeout - client_
session_ strmax_ lifespan - default_
default_ Sequence[str]client_ scopes - default_
optional_ Sequence[str]client_ scopes - default_
signature_ stralgorithm - direct_
grant_ strflow - Which flow should be used for DirectGrantFlow
- display_
name str - display_
name_ strhtml - docker_
authentication_ strflow - Which flow should be used for DockerAuthenticationFlow
- duplicate_
emails_ boolallowed - edit_
username_ boolallowed - email_
theme str - enabled bool
- internal_
id str - internationalization
Realm
Internationalization Args - login_
theme str - login_
with_ boolemail_ allowed - oauth2_
device_ strcode_ lifespan - oauth2_
device_ intpolling_ interval - offline_
session_ stridle_ timeout - offline_
session_ strmax_ lifespan - offline_
session_ boolmax_ lifespan_ enabled - otp_
policy RealmOtp Policy Args - password_
policy str - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- refresh_
token_ intmax_ reuse - registration_
allowed bool - registration_
email_ boolas_ username - registration_
flow str - Which flow should be used for RegistrationFlow
- remember_
me bool - reset_
credentials_ strflow - Which flow should be used for ResetCredentialsFlow
- reset_
password_ boolallowed - revoke_
refresh_ booltoken - security_
defenses RealmSecurity Defenses Args - smtp_
server RealmSmtp Server Args - ssl_
required str - SSL Required: Values can be 'none', 'external' or 'all'.
- sso_
session_ stridle_ timeout - sso_
session_ stridle_ timeout_ remember_ me - sso_
session_ strmax_ lifespan - sso_
session_ strmax_ lifespan_ remember_ me - user_
managed_ boolaccess - verify_
email bool - web_
authn_ Realmpasswordless_ policy Web Authn Passwordless Policy Args - web_
authn_ Realmpolicy Web Authn Policy Args
- realm String
- access
Code StringLifespan - access
Code StringLifespan Login - access
Code StringLifespan User Action - access
Token StringLifespan - access
Token StringLifespan For Implicit Flow - account
Theme String - action
Token StringGenerated By Admin Lifespan - action
Token StringGenerated By User Lifespan - admin
Theme String - attributes Map<String>
- browser
Flow String - Which flow should be used for BrowserFlow
- client
Authentication StringFlow - Which flow should be used for ClientAuthenticationFlow
- client
Session StringIdle Timeout - client
Session StringMax Lifespan - default
Default List<String>Client Scopes - default
Optional List<String>Client Scopes - default
Signature StringAlgorithm - direct
Grant StringFlow - Which flow should be used for DirectGrantFlow
- display
Name String - display
Name StringHtml - docker
Authentication StringFlow - Which flow should be used for DockerAuthenticationFlow
- duplicate
Emails BooleanAllowed - edit
Username BooleanAllowed - email
Theme String - enabled Boolean
- internal
Id String - internationalization Property Map
- login
Theme String - login
With BooleanEmail Allowed - oauth2Device
Code StringLifespan - oauth2Device
Polling NumberInterval - offline
Session StringIdle Timeout - offline
Session StringMax Lifespan - offline
Session BooleanMax Lifespan Enabled - otp
Policy Property Map - password
Policy String - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- refresh
Token NumberMax Reuse - registration
Allowed Boolean - registration
Email BooleanAs Username - registration
Flow String - Which flow should be used for RegistrationFlow
- remember
Me Boolean - reset
Credentials StringFlow - Which flow should be used for ResetCredentialsFlow
- reset
Password BooleanAllowed - revoke
Refresh BooleanToken - security
Defenses Property Map - smtp
Server Property Map - ssl
Required String - SSL Required: Values can be 'none', 'external' or 'all'.
- sso
Session StringIdle Timeout - sso
Session StringIdle Timeout Remember Me - sso
Session StringMax Lifespan - sso
Session StringMax Lifespan Remember Me - user
Managed BooleanAccess - verify
Email Boolean - web
Authn Property MapPasswordless Policy - web
Authn Property MapPolicy
Outputs
All input properties are implicitly available as output properties. Additionally, the Realm resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Realm Resource
Get an existing Realm resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RealmState, opts?: CustomResourceOptions): Realm
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access_code_lifespan: Optional[str] = None,
access_code_lifespan_login: Optional[str] = None,
access_code_lifespan_user_action: Optional[str] = None,
access_token_lifespan: Optional[str] = None,
access_token_lifespan_for_implicit_flow: Optional[str] = None,
account_theme: Optional[str] = None,
action_token_generated_by_admin_lifespan: Optional[str] = None,
action_token_generated_by_user_lifespan: Optional[str] = None,
admin_theme: Optional[str] = None,
attributes: Optional[Mapping[str, str]] = None,
browser_flow: Optional[str] = None,
client_authentication_flow: Optional[str] = None,
client_session_idle_timeout: Optional[str] = None,
client_session_max_lifespan: Optional[str] = None,
default_default_client_scopes: Optional[Sequence[str]] = None,
default_optional_client_scopes: Optional[Sequence[str]] = None,
default_signature_algorithm: Optional[str] = None,
direct_grant_flow: Optional[str] = None,
display_name: Optional[str] = None,
display_name_html: Optional[str] = None,
docker_authentication_flow: Optional[str] = None,
duplicate_emails_allowed: Optional[bool] = None,
edit_username_allowed: Optional[bool] = None,
email_theme: Optional[str] = None,
enabled: Optional[bool] = None,
internal_id: Optional[str] = None,
internationalization: Optional[RealmInternationalizationArgs] = None,
login_theme: Optional[str] = None,
login_with_email_allowed: Optional[bool] = None,
oauth2_device_code_lifespan: Optional[str] = None,
oauth2_device_polling_interval: Optional[int] = None,
offline_session_idle_timeout: Optional[str] = None,
offline_session_max_lifespan: Optional[str] = None,
offline_session_max_lifespan_enabled: Optional[bool] = None,
otp_policy: Optional[RealmOtpPolicyArgs] = None,
password_policy: Optional[str] = None,
realm: Optional[str] = None,
refresh_token_max_reuse: Optional[int] = None,
registration_allowed: Optional[bool] = None,
registration_email_as_username: Optional[bool] = None,
registration_flow: Optional[str] = None,
remember_me: Optional[bool] = None,
reset_credentials_flow: Optional[str] = None,
reset_password_allowed: Optional[bool] = None,
revoke_refresh_token: Optional[bool] = None,
security_defenses: Optional[RealmSecurityDefensesArgs] = None,
smtp_server: Optional[RealmSmtpServerArgs] = None,
ssl_required: Optional[str] = None,
sso_session_idle_timeout: Optional[str] = None,
sso_session_idle_timeout_remember_me: Optional[str] = None,
sso_session_max_lifespan: Optional[str] = None,
sso_session_max_lifespan_remember_me: Optional[str] = None,
user_managed_access: Optional[bool] = None,
verify_email: Optional[bool] = None,
web_authn_passwordless_policy: Optional[RealmWebAuthnPasswordlessPolicyArgs] = None,
web_authn_policy: Optional[RealmWebAuthnPolicyArgs] = None) -> Realm
func GetRealm(ctx *Context, name string, id IDInput, state *RealmState, opts ...ResourceOption) (*Realm, error)
public static Realm Get(string name, Input<string> id, RealmState? state, CustomResourceOptions? opts = null)
public static Realm get(String name, Output<String> id, RealmState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access
Code stringLifespan - Access
Code stringLifespan Login - Access
Code stringLifespan User Action - Access
Token stringLifespan - Access
Token stringLifespan For Implicit Flow - Account
Theme string - Action
Token stringGenerated By Admin Lifespan - Action
Token stringGenerated By User Lifespan - Admin
Theme string - Attributes Dictionary<string, string>
- Browser
Flow string - Which flow should be used for BrowserFlow
- Client
Authentication stringFlow - Which flow should be used for ClientAuthenticationFlow
- Client
Session stringIdle Timeout - Client
Session stringMax Lifespan - Default
Default List<string>Client Scopes - Default
Optional List<string>Client Scopes - Default
Signature stringAlgorithm - Direct
Grant stringFlow - Which flow should be used for DirectGrantFlow
- Display
Name string - Display
Name stringHtml - Docker
Authentication stringFlow - Which flow should be used for DockerAuthenticationFlow
- Duplicate
Emails boolAllowed - Edit
Username boolAllowed - Email
Theme string - Enabled bool
- Internal
Id string - Internationalization
Realm
Internationalization - Login
Theme string - Login
With boolEmail Allowed - Oauth2Device
Code stringLifespan - Oauth2Device
Polling intInterval - Offline
Session stringIdle Timeout - Offline
Session stringMax Lifespan - Offline
Session boolMax Lifespan Enabled - Otp
Policy RealmOtp Policy - Password
Policy string - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- Realm
Name string - Refresh
Token intMax Reuse - Registration
Allowed bool - Registration
Email boolAs Username - Registration
Flow string - Which flow should be used for RegistrationFlow
- Remember
Me bool - Reset
Credentials stringFlow - Which flow should be used for ResetCredentialsFlow
- Reset
Password boolAllowed - Revoke
Refresh boolToken - Security
Defenses RealmSecurity Defenses - Smtp
Server RealmSmtp Server - Ssl
Required string - SSL Required: Values can be 'none', 'external' or 'all'.
- Sso
Session stringIdle Timeout - Sso
Session stringIdle Timeout Remember Me - Sso
Session stringMax Lifespan - Sso
Session stringMax Lifespan Remember Me - User
Managed boolAccess - Verify
Email bool - Web
Authn RealmPasswordless Policy Web Authn Passwordless Policy - Web
Authn RealmPolicy Web Authn Policy
- Access
Code stringLifespan - Access
Code stringLifespan Login - Access
Code stringLifespan User Action - Access
Token stringLifespan - Access
Token stringLifespan For Implicit Flow - Account
Theme string - Action
Token stringGenerated By Admin Lifespan - Action
Token stringGenerated By User Lifespan - Admin
Theme string - Attributes map[string]string
- Browser
Flow string - Which flow should be used for BrowserFlow
- Client
Authentication stringFlow - Which flow should be used for ClientAuthenticationFlow
- Client
Session stringIdle Timeout - Client
Session stringMax Lifespan - Default
Default []stringClient Scopes - Default
Optional []stringClient Scopes - Default
Signature stringAlgorithm - Direct
Grant stringFlow - Which flow should be used for DirectGrantFlow
- Display
Name string - Display
Name stringHtml - Docker
Authentication stringFlow - Which flow should be used for DockerAuthenticationFlow
- Duplicate
Emails boolAllowed - Edit
Username boolAllowed - Email
Theme string - Enabled bool
- Internal
Id string - Internationalization
Realm
Internationalization Args - Login
Theme string - Login
With boolEmail Allowed - Oauth2Device
Code stringLifespan - Oauth2Device
Polling intInterval - Offline
Session stringIdle Timeout - Offline
Session stringMax Lifespan - Offline
Session boolMax Lifespan Enabled - Otp
Policy RealmOtp Policy Args - Password
Policy string - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- Realm string
- Refresh
Token intMax Reuse - Registration
Allowed bool - Registration
Email boolAs Username - Registration
Flow string - Which flow should be used for RegistrationFlow
- Remember
Me bool - Reset
Credentials stringFlow - Which flow should be used for ResetCredentialsFlow
- Reset
Password boolAllowed - Revoke
Refresh boolToken - Security
Defenses RealmSecurity Defenses Args - Smtp
Server RealmSmtp Server Args - Ssl
Required string - SSL Required: Values can be 'none', 'external' or 'all'.
- Sso
Session stringIdle Timeout - Sso
Session stringIdle Timeout Remember Me - Sso
Session stringMax Lifespan - Sso
Session stringMax Lifespan Remember Me - User
Managed boolAccess - Verify
Email bool - Web
Authn RealmPasswordless Policy Web Authn Passwordless Policy Args - Web
Authn RealmPolicy Web Authn Policy Args
- access
Code StringLifespan - access
Code StringLifespan Login - access
Code StringLifespan User Action - access
Token StringLifespan - access
Token StringLifespan For Implicit Flow - account
Theme String - action
Token StringGenerated By Admin Lifespan - action
Token StringGenerated By User Lifespan - admin
Theme String - attributes Map<String,String>
- browser
Flow String - Which flow should be used for BrowserFlow
- client
Authentication StringFlow - Which flow should be used for ClientAuthenticationFlow
- client
Session StringIdle Timeout - client
Session StringMax Lifespan - default
Default List<String>Client Scopes - default
Optional List<String>Client Scopes - default
Signature StringAlgorithm - direct
Grant StringFlow - Which flow should be used for DirectGrantFlow
- display
Name String - display
Name StringHtml - docker
Authentication StringFlow - Which flow should be used for DockerAuthenticationFlow
- duplicate
Emails BooleanAllowed - edit
Username BooleanAllowed - email
Theme String - enabled Boolean
- internal
Id String - internationalization
Realm
Internationalization - login
Theme String - login
With BooleanEmail Allowed - oauth2Device
Code StringLifespan - oauth2Device
Polling IntegerInterval - offline
Session StringIdle Timeout - offline
Session StringMax Lifespan - offline
Session BooleanMax Lifespan Enabled - otp
Policy RealmOtp Policy - password
Policy String - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- realm String
- refresh
Token IntegerMax Reuse - registration
Allowed Boolean - registration
Email BooleanAs Username - registration
Flow String - Which flow should be used for RegistrationFlow
- remember
Me Boolean - reset
Credentials StringFlow - Which flow should be used for ResetCredentialsFlow
- reset
Password BooleanAllowed - revoke
Refresh BooleanToken - security
Defenses RealmSecurity Defenses - smtp
Server RealmSmtp Server - ssl
Required String - SSL Required: Values can be 'none', 'external' or 'all'.
- sso
Session StringIdle Timeout - sso
Session StringIdle Timeout Remember Me - sso
Session StringMax Lifespan - sso
Session StringMax Lifespan Remember Me - user
Managed BooleanAccess - verify
Email Boolean - web
Authn RealmPasswordless Policy Web Authn Passwordless Policy - web
Authn RealmPolicy Web Authn Policy
- access
Code stringLifespan - access
Code stringLifespan Login - access
Code stringLifespan User Action - access
Token stringLifespan - access
Token stringLifespan For Implicit Flow - account
Theme string - action
Token stringGenerated By Admin Lifespan - action
Token stringGenerated By User Lifespan - admin
Theme string - attributes {[key: string]: string}
- browser
Flow string - Which flow should be used for BrowserFlow
- client
Authentication stringFlow - Which flow should be used for ClientAuthenticationFlow
- client
Session stringIdle Timeout - client
Session stringMax Lifespan - default
Default string[]Client Scopes - default
Optional string[]Client Scopes - default
Signature stringAlgorithm - direct
Grant stringFlow - Which flow should be used for DirectGrantFlow
- display
Name string - display
Name stringHtml - docker
Authentication stringFlow - Which flow should be used for DockerAuthenticationFlow
- duplicate
Emails booleanAllowed - edit
Username booleanAllowed - email
Theme string - enabled boolean
- internal
Id string - internationalization
Realm
Internationalization - login
Theme string - login
With booleanEmail Allowed - oauth2Device
Code stringLifespan - oauth2Device
Polling numberInterval - offline
Session stringIdle Timeout - offline
Session stringMax Lifespan - offline
Session booleanMax Lifespan Enabled - otp
Policy RealmOtp Policy - password
Policy string - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- realm string
- refresh
Token numberMax Reuse - registration
Allowed boolean - registration
Email booleanAs Username - registration
Flow string - Which flow should be used for RegistrationFlow
- remember
Me boolean - reset
Credentials stringFlow - Which flow should be used for ResetCredentialsFlow
- reset
Password booleanAllowed - revoke
Refresh booleanToken - security
Defenses RealmSecurity Defenses - smtp
Server RealmSmtp Server - ssl
Required string - SSL Required: Values can be 'none', 'external' or 'all'.
- sso
Session stringIdle Timeout - sso
Session stringIdle Timeout Remember Me - sso
Session stringMax Lifespan - sso
Session stringMax Lifespan Remember Me - user
Managed booleanAccess - verify
Email boolean - web
Authn RealmPasswordless Policy Web Authn Passwordless Policy - web
Authn RealmPolicy Web Authn Policy
- access_
code_ strlifespan - access_
code_ strlifespan_ login - access_
code_ strlifespan_ user_ action - access_
token_ strlifespan - access_
token_ strlifespan_ for_ implicit_ flow - account_
theme str - action_
token_ strgenerated_ by_ admin_ lifespan - action_
token_ strgenerated_ by_ user_ lifespan - admin_
theme str - attributes Mapping[str, str]
- browser_
flow str - Which flow should be used for BrowserFlow
- client_
authentication_ strflow - Which flow should be used for ClientAuthenticationFlow
- client_
session_ stridle_ timeout - client_
session_ strmax_ lifespan - default_
default_ Sequence[str]client_ scopes - default_
optional_ Sequence[str]client_ scopes - default_
signature_ stralgorithm - direct_
grant_ strflow - Which flow should be used for DirectGrantFlow
- display_
name str - display_
name_ strhtml - docker_
authentication_ strflow - Which flow should be used for DockerAuthenticationFlow
- duplicate_
emails_ boolallowed - edit_
username_ boolallowed - email_
theme str - enabled bool
- internal_
id str - internationalization
Realm
Internationalization Args - login_
theme str - login_
with_ boolemail_ allowed - oauth2_
device_ strcode_ lifespan - oauth2_
device_ intpolling_ interval - offline_
session_ stridle_ timeout - offline_
session_ strmax_ lifespan - offline_
session_ boolmax_ lifespan_ enabled - otp_
policy RealmOtp Policy Args - password_
policy str - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- realm str
- refresh_
token_ intmax_ reuse - registration_
allowed bool - registration_
email_ boolas_ username - registration_
flow str - Which flow should be used for RegistrationFlow
- remember_
me bool - reset_
credentials_ strflow - Which flow should be used for ResetCredentialsFlow
- reset_
password_ boolallowed - revoke_
refresh_ booltoken - security_
defenses RealmSecurity Defenses Args - smtp_
server RealmSmtp Server Args - ssl_
required str - SSL Required: Values can be 'none', 'external' or 'all'.
- sso_
session_ stridle_ timeout - sso_
session_ stridle_ timeout_ remember_ me - sso_
session_ strmax_ lifespan - sso_
session_ strmax_ lifespan_ remember_ me - user_
managed_ boolaccess - verify_
email bool - web_
authn_ Realmpasswordless_ policy Web Authn Passwordless Policy Args - web_
authn_ Realmpolicy Web Authn Policy Args
- access
Code StringLifespan - access
Code StringLifespan Login - access
Code StringLifespan User Action - access
Token StringLifespan - access
Token StringLifespan For Implicit Flow - account
Theme String - action
Token StringGenerated By Admin Lifespan - action
Token StringGenerated By User Lifespan - admin
Theme String - attributes Map<String>
- browser
Flow String - Which flow should be used for BrowserFlow
- client
Authentication StringFlow - Which flow should be used for ClientAuthenticationFlow
- client
Session StringIdle Timeout - client
Session StringMax Lifespan - default
Default List<String>Client Scopes - default
Optional List<String>Client Scopes - default
Signature StringAlgorithm - direct
Grant StringFlow - Which flow should be used for DirectGrantFlow
- display
Name String - display
Name StringHtml - docker
Authentication StringFlow - Which flow should be used for DockerAuthenticationFlow
- duplicate
Emails BooleanAllowed - edit
Username BooleanAllowed - email
Theme String - enabled Boolean
- internal
Id String - internationalization Property Map
- login
Theme String - login
With BooleanEmail Allowed - oauth2Device
Code StringLifespan - oauth2Device
Polling NumberInterval - offline
Session StringIdle Timeout - offline
Session StringMax Lifespan - offline
Session BooleanMax Lifespan Enabled - otp
Policy Property Map - password
Policy String - String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
- realm String
- refresh
Token NumberMax Reuse - registration
Allowed Boolean - registration
Email BooleanAs Username - registration
Flow String - Which flow should be used for RegistrationFlow
- remember
Me Boolean - reset
Credentials StringFlow - Which flow should be used for ResetCredentialsFlow
- reset
Password BooleanAllowed - revoke
Refresh BooleanToken - security
Defenses Property Map - smtp
Server Property Map - ssl
Required String - SSL Required: Values can be 'none', 'external' or 'all'.
- sso
Session StringIdle Timeout - sso
Session StringIdle Timeout Remember Me - sso
Session StringMax Lifespan - sso
Session StringMax Lifespan Remember Me - user
Managed BooleanAccess - verify
Email Boolean - web
Authn Property MapPasswordless Policy - web
Authn Property MapPolicy
Supporting Types
RealmInternationalization, RealmInternationalizationArgs
- Default
Locale string - Supported
Locales List<string>
- Default
Locale string - Supported
Locales []string
- default
Locale String - supported
Locales List<String>
- default
Locale string - supported
Locales string[]
- default_
locale str - supported_
locales Sequence[str]
- default
Locale String - supported
Locales List<String>
RealmOtpPolicy, RealmOtpPolicyArgs
- Algorithm string
- What hashing algorithm should be used to generate the OTP.
- Digits int
- Initial
Counter int - Look
Ahead intWindow - Period int
- Type string
- OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
- Algorithm string
- What hashing algorithm should be used to generate the OTP.
- Digits int
- Initial
Counter int - Look
Ahead intWindow - Period int
- Type string
- OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
- algorithm String
- What hashing algorithm should be used to generate the OTP.
- digits Integer
- initial
Counter Integer - look
Ahead IntegerWindow - period Integer
- type String
- OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
- algorithm string
- What hashing algorithm should be used to generate the OTP.
- digits number
- initial
Counter number - look
Ahead numberWindow - period number
- type string
- OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
- algorithm str
- What hashing algorithm should be used to generate the OTP.
- digits int
- initial_
counter int - look_
ahead_ intwindow - period int
- type str
- OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
- algorithm String
- What hashing algorithm should be used to generate the OTP.
- digits Number
- initial
Counter Number - look
Ahead NumberWindow - period Number
- type String
- OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
RealmSecurityDefenses, RealmSecurityDefensesArgs
RealmSecurityDefensesBruteForceDetection, RealmSecurityDefensesBruteForceDetectionArgs
- failure
Reset IntegerTime Seconds - max
Failure IntegerWait Seconds - max
Login IntegerFailures - minimum
Quick IntegerLogin Wait Seconds - permanent
Lockout Boolean - quick
Login IntegerCheck Milli Seconds - wait
Increment IntegerSeconds
- failure
Reset numberTime Seconds - max
Failure numberWait Seconds - max
Login numberFailures - minimum
Quick numberLogin Wait Seconds - permanent
Lockout boolean - quick
Login numberCheck Milli Seconds - wait
Increment numberSeconds
- failure
Reset NumberTime Seconds - max
Failure NumberWait Seconds - max
Login NumberFailures - minimum
Quick NumberLogin Wait Seconds - permanent
Lockout Boolean - quick
Login NumberCheck Milli Seconds - wait
Increment NumberSeconds
RealmSecurityDefensesHeaders, RealmSecurityDefensesHeadersArgs
- Content
Security stringPolicy - Content
Security stringPolicy Report Only - Referrer
Policy string - Strict
Transport stringSecurity - XContent
Type stringOptions - XFrame
Options string - XRobots
Tag string - XXss
Protection string
- Content
Security stringPolicy - Content
Security stringPolicy Report Only - Referrer
Policy string - Strict
Transport stringSecurity - XContent
Type stringOptions - XFrame
Options string - XRobots
Tag string - XXss
Protection string
- content
Security StringPolicy - content
Security StringPolicy Report Only - referrer
Policy String - strict
Transport StringSecurity - x
Content StringType Options - x
Frame StringOptions - x
Robots StringTag - x
Xss StringProtection
- content
Security stringPolicy - content
Security stringPolicy Report Only - referrer
Policy string - strict
Transport stringSecurity - x
Content stringType Options - x
Frame stringOptions - x
Robots stringTag - x
Xss stringProtection
- content
Security StringPolicy - content
Security StringPolicy Report Only - referrer
Policy String - strict
Transport StringSecurity - x
Content StringType Options - x
Frame StringOptions - x
Robots StringTag - x
Xss StringProtection
RealmSmtpServer, RealmSmtpServerArgs
- From string
- Host string
- Auth
Realm
Smtp Server Auth - Envelope
From string - From
Display stringName - Port string
- Reply
To string - Reply
To stringDisplay Name - Ssl bool
- Starttls bool
- From string
- Host string
- Auth
Realm
Smtp Server Auth - Envelope
From string - From
Display stringName - Port string
- Reply
To string - Reply
To stringDisplay Name - Ssl bool
- Starttls bool
- from String
- host String
- auth
Realm
Smtp Server Auth - envelope
From String - from
Display StringName - port String
- reply
To String - reply
To StringDisplay Name - ssl Boolean
- starttls Boolean
- from string
- host string
- auth
Realm
Smtp Server Auth - envelope
From string - from
Display stringName - port string
- reply
To string - reply
To stringDisplay Name - ssl boolean
- starttls boolean
- from_ str
- host str
- auth
Realm
Smtp Server Auth - envelope_
from str - from_
display_ strname - port str
- reply_
to str - reply_
to_ strdisplay_ name - ssl bool
- starttls bool
- from String
- host String
- auth Property Map
- envelope
From String - from
Display StringName - port String
- reply
To String - reply
To StringDisplay Name - ssl Boolean
- starttls Boolean
RealmSmtpServerAuth, RealmSmtpServerAuthArgs
RealmWebAuthnPasswordlessPolicy, RealmWebAuthnPasswordlessPolicyArgs
- Acceptable
Aaguids List<string> - Attestation
Conveyance stringPreference - Either none, indirect or direct
- Authenticator
Attachment string - Either platform or cross-platform
- Avoid
Same boolAuthenticator Register - Create
Timeout int - Relying
Party stringEntity Name - Relying
Party stringId - Require
Resident stringKey - Either Yes or No
- Signature
Algorithms List<string> - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- User
Verification stringRequirement - Either required, preferred or discouraged
- Acceptable
Aaguids []string - Attestation
Conveyance stringPreference - Either none, indirect or direct
- Authenticator
Attachment string - Either platform or cross-platform
- Avoid
Same boolAuthenticator Register - Create
Timeout int - Relying
Party stringEntity Name - Relying
Party stringId - Require
Resident stringKey - Either Yes or No
- Signature
Algorithms []string - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- User
Verification stringRequirement - Either required, preferred or discouraged
- acceptable
Aaguids List<String> - attestation
Conveyance StringPreference - Either none, indirect or direct
- authenticator
Attachment String - Either platform or cross-platform
- avoid
Same BooleanAuthenticator Register - create
Timeout Integer - relying
Party StringEntity Name - relying
Party StringId - require
Resident StringKey - Either Yes or No
- signature
Algorithms List<String> - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- user
Verification StringRequirement - Either required, preferred or discouraged
- acceptable
Aaguids string[] - attestation
Conveyance stringPreference - Either none, indirect or direct
- authenticator
Attachment string - Either platform or cross-platform
- avoid
Same booleanAuthenticator Register - create
Timeout number - relying
Party stringEntity Name - relying
Party stringId - require
Resident stringKey - Either Yes or No
- signature
Algorithms string[] - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- user
Verification stringRequirement - Either required, preferred or discouraged
- acceptable_
aaguids Sequence[str] - attestation_
conveyance_ strpreference - Either none, indirect or direct
- authenticator_
attachment str - Either platform or cross-platform
- avoid_
same_ boolauthenticator_ register - create_
timeout int - relying_
party_ strentity_ name - relying_
party_ strid - require_
resident_ strkey - Either Yes or No
- signature_
algorithms Sequence[str] - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- user_
verification_ strrequirement - Either required, preferred or discouraged
- acceptable
Aaguids List<String> - attestation
Conveyance StringPreference - Either none, indirect or direct
- authenticator
Attachment String - Either platform or cross-platform
- avoid
Same BooleanAuthenticator Register - create
Timeout Number - relying
Party StringEntity Name - relying
Party StringId - require
Resident StringKey - Either Yes or No
- signature
Algorithms List<String> - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- user
Verification StringRequirement - Either required, preferred or discouraged
RealmWebAuthnPolicy, RealmWebAuthnPolicyArgs
- Acceptable
Aaguids List<string> - Attestation
Conveyance stringPreference - Either none, indirect or direct
- Authenticator
Attachment string - Either platform or cross-platform
- Avoid
Same boolAuthenticator Register - Create
Timeout int - Relying
Party stringEntity Name - Relying
Party stringId - Require
Resident stringKey - Either Yes or No
- Signature
Algorithms List<string> - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- User
Verification stringRequirement - Either required, preferred or discouraged
- Acceptable
Aaguids []string - Attestation
Conveyance stringPreference - Either none, indirect or direct
- Authenticator
Attachment string - Either platform or cross-platform
- Avoid
Same boolAuthenticator Register - Create
Timeout int - Relying
Party stringEntity Name - Relying
Party stringId - Require
Resident stringKey - Either Yes or No
- Signature
Algorithms []string - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- User
Verification stringRequirement - Either required, preferred or discouraged
- acceptable
Aaguids List<String> - attestation
Conveyance StringPreference - Either none, indirect or direct
- authenticator
Attachment String - Either platform or cross-platform
- avoid
Same BooleanAuthenticator Register - create
Timeout Integer - relying
Party StringEntity Name - relying
Party StringId - require
Resident StringKey - Either Yes or No
- signature
Algorithms List<String> - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- user
Verification StringRequirement - Either required, preferred or discouraged
- acceptable
Aaguids string[] - attestation
Conveyance stringPreference - Either none, indirect or direct
- authenticator
Attachment string - Either platform or cross-platform
- avoid
Same booleanAuthenticator Register - create
Timeout number - relying
Party stringEntity Name - relying
Party stringId - require
Resident stringKey - Either Yes or No
- signature
Algorithms string[] - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- user
Verification stringRequirement - Either required, preferred or discouraged
- acceptable_
aaguids Sequence[str] - attestation_
conveyance_ strpreference - Either none, indirect or direct
- authenticator_
attachment str - Either platform or cross-platform
- avoid_
same_ boolauthenticator_ register - create_
timeout int - relying_
party_ strentity_ name - relying_
party_ strid - require_
resident_ strkey - Either Yes or No
- signature_
algorithms Sequence[str] - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- user_
verification_ strrequirement - Either required, preferred or discouraged
- acceptable
Aaguids List<String> - attestation
Conveyance StringPreference - Either none, indirect or direct
- authenticator
Attachment String - Either platform or cross-platform
- avoid
Same BooleanAuthenticator Register - create
Timeout Number - relying
Party StringEntity Name - relying
Party StringId - require
Resident StringKey - Either Yes or No
- signature
Algorithms List<String> - Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
- user
Verification StringRequirement - Either required, preferred or discouraged
Package Details
- Repository
- Keycloak pulumi/pulumi-keycloak
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
keycloak
Terraform Provider.